DNS Protocol Flaw: Don`t Panic, Just Patch

Monday, July 14th, 2008

The exploit discovered by IOActive's Dan Kaminsky, takes advantage of a fundamental flaw in the DNS (Domain Name Server) protocol. Organizations should move quickly to patch vulnerable DNS servers against a flaw revealed last week. Dan Kaminsky said the bug can be exploited to redirect Internet traffic, but the problem ...

ZoneAlarm updated after Microsoft’s DNS patch

Thursday, July 10th, 2008

On Thursday, Check Point Software Technologies released updated versions of all its ZoneAlarm products, addressing an incompatibility with a patch Microsoft released earlier this week.The fix requires ZoneAlarm users to download the latest version, 7.0.438.000, from its site. A reboot is required to complete installation.Since Tuesday, ZoneAlarm customers have complained ...

DNSenum – Domain Information Gathering Tool

Thursday, July 10th, 2008

The first stage of penetration testing is usually passive information gathering and enumeration (active information gathering). This is where tools like dnsenum come in, the purpose of DNSenum is to gather as much information as possible about a domain. The program currently performs the following operations: 1. Get the host’s addresse (A ...

Microsoft DNS Security Fix Knocks ZoneAlarm Users Offline

Wednesday, July 9th, 2008

The problem began when Microsoft on Tuesday sent patch number KB951748 to Windows users. The patch is designed to plug a security vulnerability that leaves computers vulnerable to so-called DNS attacks.The vulnerability is widespread and affects products made by numerous networking and software vendors beyond Microsoft. It was discovered by ...

Massive DNS security problem endangers the internet

Wednesday, July 9th, 2008

US-CERT and other security experts have warned of a critical design problem affecting all DNS implementations. The Domain Name Service is responsible for converting readable names like www.heise-online.co.uk into the IP addresses that computers can handle, such as 193.99.144.85. DNS is thus the internet equivalent to a phonebook and without ...